3 Understanding big data Volume: Huge amounts of data in the scale of zettabytes and more. Velocity: Real time streams of data flowing from diverse resources (e.g. physical sensors or virtual sensors coming from social media, such as Twitter streams). Variety: Data from a vast range of systems and sensors, in different formats and datatypes. Veracity: Incompleteness (inconsistency, inaccuracy) of data. Big data include personal data: e.g. a name, a picture, contact details, posts on social networking websites, healthcare data, location data or a computer IP address. 3

4 Big data analytics Data Acquisition/Collection: gathering, filtering and cleaning data from a variety of sources (e.g. social networks, mobile apps, wearable devices, smart grids, online retail services, public registers, etc.) Data Analysis: making the «raw» collected data amenable for decision-making and usage - combination of data from different sources in order to derive new information. Data Curation: ensuring that data meets the necessary quality requirements for effective usage - assuring data reusability. Data Storage: storing and managing data in a scalable way satisfying the needs of applications/analytics that require access to the data. Data Usage: the use of the data by interested parties, such as banks, retailers, advertising networks, public authorities, etc. 4

5 Personal data processing: examples 5

6 Privacy & big data (1) Its all about the scale! Lack of control and transparency: data collection is based on so many different and unexpected sources that control for the individual can easily be lost (no information or choice). Examples: data captured from sensors and cameras, screening posts in social networks or analysis of web searches. Data reusability: using data, alone or in combination with other datasets, beyond its original point and scope of collection. Example: reusing data of mobile apps providers for advertising. 6

8 The EU data protection legal framework (1) Directive 95/46/EC and Directive 2002/58/EC (e-privacy). Personal data: any information relating to an identified or identifiable natural person (data subject). Focus on indirect identification for big data (singling out). Anonymous data: falls outside the EU legal framework if the individuals can no longer be identified ( all the means likely reasonably to be used ). Data controller: determines the purposes and the means of the processing of personal data and has specific obligations. 8

11 Is big data the end of privacy? Big data and the EU data protection principles seem fundamentally opposing. Data re-use against purpose limitation Massive data collection against data minimization Unlimited and secret data collection against transparency & control Profiling against free and independent choice «No matter how many times a privileged straight white male technology executive «People pronounces have really the gotten death comfortable of privacy, Privacy not only Is sharing Not Dead. more People of all «If information you ages have care something and deeply different about that kinds, privacy. you don t but And more want they openly anyone care just and to as know, with much more maybe about people. you privacy That «You social have shouldn t norm zero is privacy just be online doing something anyway. as it they Get the that do over first offline.» has place.» it!» evolved over time.» Scott Danah McNealy, Mark Boyd, Eric Sun Zuckerberg, Schmidt, social Microsystems media Google Facebook scholar & researcher 11

12 From «big data versus privacy» to «big data with privacy» The oxymoron of big data and privacy. lack of privacy resulting to low data quality (commoditization of personal data) individuals tend to «correct» privacy intrusion Privacy building trust in big data for the benefit of both users and services providers. Technology for big data privacy. 12

13 Privacy and data protection by design Embedding privacy measures and privacy enhancing technologies (PETs) directly into the design of data processing systems. PRIVACY BY DESIGN STRATEGY Minimize Hide Separate Aggregate Inform Control Enforce Demonstrate DESCRIPTION Personal data should be restricted to the minimal amount possible. Personal data and their interrelations should be hidden from plain view. Personal data should be processed in a distributed fashion and separate compartments (whenever possible). Personal data should be processed at the highest level of aggregation and with the least possible detail in which it is (still) useful. Data subjects should be adequately informed (transparency). Data subjects should be provided agency over processing of their data. A privacy policy compatible with legal requirements should be in place and should be enforced. Data controllers should be able demonstrate compliance with privacy policy into force and any applicable legal requirements. ENISA s 2014 report on privacy & data protection by design (available online) 13

Cookies Compliance Advisory Note: this is an advisory notice that summarises the current position of the Article 29 Working Group and makes suggestions as to how organisations might practically achieve

Privacy Policy Introduction This Privacy Policy explains what information TORO Limited and its related entities ("TORO") collect about you and why, what we do with that information, how we share it, and

Privacy Policy This Privacy Policy explains what information Fundwave Pte Ltd and its related entities ("Fundwave") collect about you and why, what we do with that information, how we share it, and how

Secure Thinking Bigger Data. Bigger risk? MALWARE HACKERS REPUTATION PROTECTION RISK THEFT There has always been data. What is different now is the scale and speed of data growth. Every day we create 2.5

1 of 9 Privacy Policy This Privacy Policy explains what information SOLITEC Software Solutions GesmbH and its related entities ( SOLITEC ) collect about you and why, what we do with that information, how

ABC PRIVACY POLICY The ABC is strongly committed to protecting your privacy when you interact with us, our content, products and services. Our goal is to provide you and your family with media experiences

Privacy Policy Introduction This Privacy Policy explains what information Super7ui LLC collect about you and why, what we do with that information, how we share it, and how we handle the content you place

Introduction About Cookies Cookie Policy Most websites you visit will use in order to improve your user experience by enabling that website to remember you, either for the duration of your visit (using

Comments of the EDPS in response to the public consultation on the planned guidelines on recommended standard licences, datasets and charging for the reuse of public sector information initiated by the

BEYOND BI: Big Data Analytic Use Cases Big Data Analytics Use Cases This white paper discusses the types and characteristics of big data analytics use cases, how they differ from traditional business intelligence

DATAMEER WHITE PAPER Beyond BI Big Data Analytic Use Cases This white paper discusses the types and characteristics of big data analytics use cases, how they differ from traditional business intelligence

SKoolAide Privacy Policy Welcome to SKoolAide. SKoolAide, LLC offers online education related services and applications that allow users to share content on the Web more easily. In addition to the sharing

CLOUD STORAGE SECURITY INTRODUCTION Gordon Arnold, IBM SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA. Member companies and individual members may use this material

Architectural Principles for Secure Multi-Tenancy John Linn, Office of the CTO, RSA, The Security Division of EMC John Field, Office of the CTO, EMC Also adapting prior content by Burt Kaliski DIMACS Workshop

1. Introduction Special data protection rules apply to the protection of Personal Data by Data Controllers in the electronic communications sector. These are in addition to the general obligations that

Big Data, Not Big Brother: Best Practices for Data Analytics Peter Leonard Gilbert + Tobin Lawyers March 2013 How Target Knew a High School Girl Was Pregnant Before Her Parents Did just because you can,

MRS Market Research Standards Board Online Data Collection and Privacy Response to submissions The Consultation In August 2011 MRSB published a discussion paper. The primary aim of the paper, as set out

Client Alert Global Regulatory Enforcement If you have questions or would like additional information on the material covered in this Alert, please contact one of the authors: Cynthia O Donoghue Partner,

PReparing Industry to Privacy-by-design by supporting its Application in REsearch Best Practices at Research Level Hisain Elshaafi Telecommunications Software and Systems Group (TSSG) Waterford Institute

EXECUTIVE REPORT Big Data and the 3 V s: Volume, Variety and Velocity The three V s are the defining properties of big data. It is critical to understand what these elements mean. The main point of the

Beasley Broadcast Group, Inc. Privacy Policy Last Updated and Effective December 31, 2015 This Privacy Policy has been updated to include a section regarding your California privacy rights if you are a

Privacy Policy This Privacy Policy will be effective from September 1 st, 2014. Please read Pelican Technologies Privacy Policy before using Pelican Technologies services because it will tell you how we

dma we are the How to guide Email and cookies legislation Published by The DMA Email Marketing Council and the IAB Email Marketing Council First edition, April 2012 Contents Acknowledgements...2 Introduction...3

Privacy Policy Effective Date: November 20, 2015 This Privacy Policy is incorporated by this reference into the Mobli Media Inc. Terms of Use located at https://www.mobli.com/tou.html (the Terms of Use

Unlocking The Value of the Deep Web Harvesting Big Data that Google Doesn t Reach Introduction Every day, untold millions search the web with Google, Bing and other search engines. The volumes truly are

Synapse Privacy Policy Last updated: April 10, 2014 Introduction Sage Bionetworks is driving a systems change in data-intensive healthcare research by enabling a collective approach to information sharing

Technical Brief Securing the Database Stack How ScaleArc Benefits the Security Team Introduction Relational databases store some of the world s most valuable information, including financial transactions,

WEBSITE PRIVACY POLICY FOR RUBE GOLDBERG As of 09-25-2012 Rube Goldberg has created this Privacy Policy in order to demonstrate our firm commitment to protecting personal information. The following discloses

Big Data Challenges and Success Factors Deloitte Analytics Your data, inside out Big Data refers to the set of problems and subsequent technologies developed to solve them that are hard or expensive to

Genomic and Clinical Data Sharing Policy Questions with Technology and Security Implications: Consensus s from the Data Safe Havens Task Team Delivery date: 18 October 2014 When the Security Working Group

The Information Commissioner s Office response to HM Treasury s Call for Evidence on Data Sharing and Open Data in Banking The Information Commissioner has responsibility for promoting and enforcing the

Flat Privacy Policy - Version dated 5 January 2016-1. FLAT APPROACH TO PRIVACY 1.1 We operate a service which allows you to create, edit, share and collaborate on music scores using our website located

This Privacy Policy has been prepared by DEBTSUPPORTCENTRE (the Company, we or us) and (together with our terms of use www.debtsupportcentre.co.uk and any other documents referred to on it) sets out the

To ensure the functioning of the site, we use cookies. We share information about your activities on the site with our partners and Google partners: social networks and companies engaged in advertising and web analytics. For more information, see the Privacy Policy and Google Privacy &amp Terms.
Your consent to our cookies if you continue to use this website.